Microsoft Azure Active Directory (AAD)
This object allows for the use of Microsoft AAD as an identity provider for accessing Dremio.
Identity Provider Object{
"type": "AZURE_AD",
"id": "acd23077-263a-4277-b5f6-926b1983c9de",
"isActive": true,
"domain": "dremio.onmicrosoft.com",
"clientID": "e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff",
"clientSecret": null
}
Identity Provider Attributes
type String
The type of identity provider. For Microsoft AAD, this attribute value is always AZURE-AD
.
id String (UUID)
The UUID to identify the identity provider.
Example: acd23077-263a-4277-b5f6-926b1983c9de
isActive Boolean
Set to true
if the identity provider is configured and enabled. Otherwise displays as false
.
Example: true
domain String
The domain of your Azure AD account in the Azure portal.
Example: dremio.onmicrosoft.com
clientID String
The client ID or application ID of your registered Dremio application on the Azure portal.
Example: e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff
clientSecret String
The client secret of your registered Dremio application on the Azure portal.
Example: The client secret is not shown in the object and so the value is returned as null
Adding Microsoft AAD
Add Microsoft AAD as an identity provider. After adding an IdP, activate it using the associated endpoint.
Method and URLPOST /v0/identity-providers
Parameters
type Body String
The type of identity provider. For Microsoft AAD, this attribute value is always AZURE-AD
.
isActive Body Boolean Optional
Set to false
to add Microsoft AAD as an identity provider.
Example: false
domain Body String
The domain for your Microsoft AAD account in the Azure portal.
Example: dremio.onmicrosoft.com
clientID Body String
The client ID or application ID of your registered Dremio application on the Azure portal.
Example: e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff
clientSecret Body String
The client secret of your registered Dremio application on the Azure portal.
Example: aaAaA_a1aA1A_A1aaa_1a~aaA1_A11-AA1
For information on how to get the domain, client ID, and client secret from the Azure portal, see Configure Microsoft Entra ID as an Identity Provider.
After adding an IdP, activate it using the associated endpoint.
curl -X POST 'https://api.dremio.cloud/v0/identity-providers/' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json' \
-d '{
"type": "AZURE_AD",
"isActive": "false",
"domain": "dremio.onmicrosoft.com",
"clientID": "e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff",
"clientSecret": "aaAaA_a1aA1A_A1aaa_1a~aaA1_A11-AA1"
}'
{
"id": "acd23077-263a-4277-b5f6-926b1983c9de"
}
Response Status Codes
200 OK400 Bad Request
Retrieving Microsoft AAD
Get the metadata for Microsoft AAD by providing the identity provider ID that was returned on creation.
Method and URLGET /v0/identity-providers/{id}
Parameters
id Path String
The ID of the Microsoft AAD identity provider for which you want to retrieve metadata.
Example: acd23077-263a-4277-b5f6-926b1983c9de
Example Requestcurl -X GET 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
{
"type": "AZURE_AD",
"id": "acd23077-263a-4277-b5f6-926b1983c9de",
"isActive": true,
"domain": "dremio.onmicrosoft.com",
"clientID": "e1cec408-4c58-4283-9b9b-9ec6a6e96f83",
"clientSecret": null
}
Response Status Codes
200 OK400 Bad Request
Activating Microsoft AAD
Activate Microsoft AAD as an identity provider, once configured. This will show Microsoft AAD as an option to users on the Dremio Cloud login page.
Method and URLPOST /v0/identity-providers/{id}/enable
Parameters
id Path String
The ID of the identity provider that you want to activate.
Example: acd23077-263a-4277-b5f6-926b1983c9de
Example Requestcurl -X POST 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de/enable' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
No response
Response Status Codes
200 OK400 Bad Request
Deactivating Microsoft AAD
Deactivate Microsoft AAD. The Microsoft AAD option will no longer be available to users for authentication to Dremio Cloud and it will not be shown on the login page.
Method and URLPOST /v0/identity-providers/{id}/disable
Parameters
id Path String
The ID of the identity provider that you want to deactivate.
Example: acd23077-263a-4277-b5f6-926b1983c9de
Example Requestcurl -X POST 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de/disable' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
No response
Response Status Codes
200 OK400 Bad Request
Deleting Microsoft AAD
Delete Microsoft AAD.
Method and URLDELETE /v0/identity-providers/{id}
Parameters
id Path String
The ID of the identity provider that you want to delete.
Example: acd23077-263a-4277-b5f6-926b1983c9de
Example Requestcurl -X DELETE 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
No response
Response Status Codes
200 OK400 Bad Request